Index: branches/5.1.x/core/units/form_submissions/form_submissions_eh.php =================================================================== diff -u -N -r12657 -r13086 --- branches/5.1.x/core/units/form_submissions/form_submissions_eh.php (.../form_submissions_eh.php) (revision 12657) +++ branches/5.1.x/core/units/form_submissions/form_submissions_eh.php (.../form_submissions_eh.php) (revision 13086) @@ -1,6 +1,6 @@ Application->IsAdmin()) { + if (!$this->Application->isAdmin) { if ($event->Name == 'OnCreate') { // anybody can submit forms on front return true; @@ -118,23 +118,39 @@ function getPassedID(&$event) { - if (!$this->Application->IsAdmin()) { + if (!$this->Application->isAdminUser) { + // no way to see other user's form submission by giving it's ID directly in url return 0; } + return parent::getPassedID($event); } + /** + * Creates new form submission from Front-End + * + * @param kEvent $event + */ function OnCreate(&$event) { parent::OnCreate($event); - if ($event->status == erSUCCESS) { - $this->Application->EmailEventAdmin('FORM.SUBMITTED'); - //$this->Application->EmailEventUser('FORM.SUBMITTED', null, 'to_email' = ) - - $event->redirect_params['opener'] = 's'; - $event->redirect_params['m_cat_id'] = 0; - $event->redirect = $this->Application->GetVar('success_template'); + if ($event->status != erSUCCESS) { + return ; } + + $this->Application->EmailEventAdmin('FORM.SUBMITTED'); +// $this->Application->EmailEventUser('FORM.SUBMITTED', null, 'to_email' => ''); + + $event->SetRedirectParam('opener', 's'); + $event->SetRedirectParam('m_cat_id', 0); + + $theme =& $this->Application->recallObject('theme.current'); + /* @var $theme kDBItem */ + + $template = $this->Application->GetVar('success_template'); + $alias_template = $theme->GetField('TemplateAliases', $template); + + $event->redirect = $alias_template ? $alias_template : $template; } } \ No newline at end of file